package com.bocloud.cmp.web.controller.security;

import java.util.Map;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

import com.alibaba.fastjson.JSONObject;
import com.bocloud.cmp.web.model.SSOConfig;
import com.bocloud.cmp.web.utils.CommonString;
import com.bocloud.common.enums.BoCloudMethod;
import com.bocloud.common.enums.BoCloudService;
import com.bocloud.common.model.BsmResult;
import com.bocloud.common.utils.Common;
import com.bocloud.common.utils.MapTools;
import com.bocloud.registry.http.core.ServiceFactory;
import com.bocloud.registry.http.model.RemoteService;
import com.ideal.sso.SsoUtil;

@RestController
@RequestMapping("/")
public class LoginController {

	private static Logger logger = LoggerFactory.getLogger(LoginController.class);
	private static final BoCloudService SERVICE = BoCloudService.Cmp;

	@Autowired
	private ServiceFactory serviceFactory;
	@Autowired
	private SSOConfig ssoConfig;

	@RequestMapping(value = "/login", method = { RequestMethod.POST })
	public BsmResult login(@RequestParam(value = Common.USERNAME, required = true) String username,
			@RequestParam(value = Common.PASSWORD, required = true) String password,
			@RequestParam(value = Common.CODE, required = true) String code, HttpServletRequest request) {
		if (!StringUtils.hasText(username) || !StringUtils.hasText(password) || !StringUtils.hasText(code)) {
			return new BsmResult(false, "用户名，密码和验证码必输！", "500", "用户名，密码和验证码必输！");
		}
		String sessionId = null;
		try {
			sessionId = request.getSession().getId();
		} catch (Exception e) {
			logger.error("验证码已过期", e);
			return new BsmResult(false, "验证码已过期!");
		}
		String captcha = (String) request.getSession().getAttribute(CommonString.CAPTCHA);
		if (StringUtils.isEmpty(captcha)) {
			return new BsmResult(false, "验证码已过期!");
		}
		if (!code.equalsIgnoreCase(captcha)) {
			return new BsmResult(false, "验证码错误！");
		}
		Map<String, Object> param = MapTools.simpleMap(Common.USERNAME, username);
		param.put(Common.SESSIONID, sessionId);
		param.put(Common.PASSWORD, password);
		String url = "/login";
		RemoteService service = serviceFactory.build(SERVICE, url, BoCloudMethod.OPERATE, null, param);
		BsmResult result = service.invoke();
		if (result.isSuccess()) {
			this.handle(request, result);
		}
		return result;
	}

	/**
	 * 退出登录
	 * 
	 * @param request
	 * @return
	 */
	@RequestMapping(value = "/logout", method = { RequestMethod.POST })
	public BsmResult logout(HttpServletRequest request) {
		HttpSession session = request.getSession();
		session.invalidate();
		return new BsmResult(true, "退出成功！");
	}

	@RequestMapping(value = "/sso", method = { RequestMethod.GET })
	public BsmResult ssoQuery(@RequestParam(value = "query", required = true) String query,
			HttpServletRequest request) {

		if (StringUtils.isEmpty(query)) {
			return new BsmResult(false, "用户工号不能为空！", "500", "用户工号不能为空！");
		}
		BsmResult result = new BsmResult(false, "");
		String userId = null;
		String sessionId = request.getSession().getId();
		try {
			String[] infoList = SsoUtil.getUserInfo(query, ssoConfig.getDomain(), ssoConfig.getPrivateKey());
			if (infoList != null && infoList.length > 0) {
				userId = infoList[0];
				String url = "/sso";
				Map<String, Object> param = MapTools.simpleMap(Common.USERID, userId);
				param.put(Common.SESSIONID, sessionId);
				RemoteService service = serviceFactory.build(SERVICE, url, BoCloudMethod.OPERATE, null, param);
				result = service.invoke();
			}
			if (result.isSuccess()) {
				this.handle(request, result);
			}
		} catch (Exception e) {
			logger.error("工号错误！", e);
			return new BsmResult(false, "用户工号输入错误！");
		}
		return result;
	}

	private void handle(HttpServletRequest request, BsmResult result) {

		String data = JSONObject.toJSONString(result.getData());
		JSONObject dataObject = JSONObject.parseObject(data);
		JSONObject userData = dataObject.getJSONObject(Common.USER);
		String roles = dataObject.getString(Common.ROLES);
		String auths = dataObject.getString(Common.AUTHS);
		String authApi = dataObject.getString("authApi");
		String path = request.getContextPath();
		String base = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + path
				+ "/";
		HttpSession session = request.getSession();
		session.setAttribute(Common.BASE, base);
		session.setAttribute(Common.API_KEY, dataObject.getString(Common.API_KEY));
		session.setAttribute(Common.SEC_KEY, dataObject.getString(Common.SEC_KEY));
		session.setAttribute(Common.USER, userData);
		session.setAttribute(Common.USERID, userData.getLong(Common.ID));
		session.setAttribute(Common.USERNAME, userData.getString(Common.USERNAME));
		session.setAttribute(Common.ROLES, roles);
		session.setAttribute(Common.AUTHS, auths);
		session.setAttribute("authApi", authApi);
		session.setMaxInactiveInterval(10 * 60);
	}

}
